SSL on Ubuntu 12 LTS with Apache and PHP-FPM

apache-2.2php-fpmssl-certificate

After reading many tutorials I managed to run successfully Apache MPM-Worker and PHP-FPM on Ubuntu 12 LTS. I have separate pools for each user and everything works like a charm. However I need to install SSL for one of the domains. I managed to create self signed certificate just to get the secure connection up and running. My problem is that with the settings I currently have I will not be able to run SSL for another domain because when reloading Apache settings I get an error (warn):

[Sun Mar 15 16:52:59 2015] [warn] The Alias directive in /etc/apache2/sites-enabled/www.my-site-name.com at line 21 will probably never match because it overlaps an earlier Alias.

My settings are as following:

/etc/apache2/conf.d/php5-fpm.conf

<IfModule mod_fastcgi.c>
    AddHandler php5-fcgi .php
    Action php5-fcgi /php5-fcgi
</IfModule>

/etc/php5/fpm/pool.d/example.conf

[example]
user = example
group = example
listen = /tmp/php5-fpm-example.sock
listen.owner = example
listen.group = example
listen.mode = 0660

/etc/apache2/sites-enabled/www.my-site-name.com

<VirtualHost *:80>
    content goes here
</VirtualHost>

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        content goes here
    </VirtualHost>
</IfModule>

<IfModule mod_fastcgi.c>
    Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi_example
    FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi_example -socket /tmp/php5-fpm-example.sock -idle-timeout 300 -pass-header Authorization -flush
</IfModule>

When I put the code Alias /php5-fcgi … inside VirtualHost *:80 and VirtualHost *:443 (two times for 80 and 443) I get an error for the duplicate rule. However when I put the code outside VirtualHost *:80 and VirtualHost *:443 as shown on the example above then this rule acts as global rule. Meaning if I don't create user for one site it applies this user as default – example. And therefore in my opinion I will not be able to set SSL for another website.

How can I include the code after IfModule mod_fastcgi.c for secure and non secure connection without getting error from apache?

Any help regarding my case is highly appreciated.

Best Answer

I posted the question and shortly after that I found answer in another post Apache and multiple PHP-FPM pools

The code didn't work for me 100% but it showed me the right way to do it.

This code didn't work for me:

<FilesMatch \.php$>
    SetHandler php-script
</FilesMatch>

So my code is simply:

AddHandler php5-fcgi .php

I included this code for SSL:

<IfModule mod_fastcgi.c>
Alias /php5-fcgi /usr/lib/cgi-bin/php5-ssl-fcgi_example
FastCgiExternalServer /usr/lib/cgi-bin/php5-ssl-fcgi_example -socket /tmp/php5-fpm-example.sock -idle-timeout 300 -pass-header Authorization -flush
</IfModule>

Note the ssl in Alias and FastCgiExternalServer. That configuration worked fine for me alter all.

Related Topic